Battle.net Authenticator Changes

If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you.

We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist

First off, this will not negatively affect your account's security from outside sources.

http://twitter.com/#!/BlizzardCS/statuses/81485048242651136

Blizzard's security developers are far more intelligent than they're often given credit for. With dozens upon dozens of company databases compromised within the last few weeks, Blizzard's bound to be doing everything they can to ensure their system is locked down as tightly as possible. Now would be one of the absolute worst of times for Blizzard to even think about using laxer security methods.

http://twitter.com/#!/BlizzardCS/statuses/81493177147727872

You will not be able to be compromised through IP spoofing or the like. Such an elaborate system is going to be well-designed and use information beyond just location. While we won't know exactly what data is collected, it isn't data that would be easily duplicated (e.g. hardware IDs).

Additionally, please note that there was a so-called "man-in-the-middle" compromise that would snatch an authenticator code after it was entered and then crash WoW's executable, submitting the valid code to someone hoping to break into your account. While this method will still function, it will be defunct on systems that are already affected by this change. No authenticator code to enter means no authenticator code to steal.________________________________________________The wise speak only of what they know. - J.R.R. TolkienCORE I7 3.8GHz | 12GB RAM | ATI 5970+5870 | F120 SSDLive Support: irc://chat.freenode.net/wowtech

Just saw this on breaking news, thankfully it asked for my authenticator numbers when I logged on, I hope it always does, same location or not. The reason I bought the authenticator was an attempt to prevent my account from being hacked, now it's not going to ask for it? Why even have one if that is the case? I personally don't like this update and would prefer the intrusion, and having to input it everytime.

Out of curiosity, will it be possible to opt out of that? While I'm sure the developers will roll out software that is indeed quite "intelligent" and does the job well, I would like to have the option to always use my authenticator regardless of where I'm logging in from.

Out of curiosity, will it be possible to opt out of that? While I'm sure the developers will roll out software that is indeed quite "intelligent" and does the job well, I would like to have the option to always use my authenticator regardless of where I'm logging in from.

I agree with this. I'd like to have the option to always use my authenticator.

This is a catastrophically bad idea. If thieves have tricked someone into downloading a keylogger to get the login info, they can just as easily immediately fake a login to bnet2.0 from the victim's machine.

Edit -- I said they would use a keylogger to get the authcode, when obviously they don't need that any more, just the login. Also, /facepalm

If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you.

We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist

If you use an authenticator – and we hope you do – you may soon notice that an authenticator prompt may not appear with every login. We’ve recently updated our authentication system to intelligently track your login locations, and if you’re logging in consistently from the same place, you may not be asked for an authenticator code. This change is being made to make the authenticator process less intrusive when we’re sure the person logging in to your account is you.

We hope to continue improving the authenticator system to ensure the same or greater security, while improving and adding features to make having one a more user friendly experience. If you don’t already have a Battle.net Authenticator attached to your account, don’t wait until it’s too late - http://us.battle.net/en/security/checklist

Please, no. I don't care if it "thinks" its me, could be my sister or my brother-in-law logging into my account. Then what?

Yea, I don't think so. Just because its the same location, won't necessarily mean its the same person if there are multiple people under one roof. I'd rather have it ask me every single time to log in the game.